VPN tunnel uptime problem
Guru Member
USG FLEX 700H V1.36(ABZI.0)
So I don't normally look at Nebula but now and then I log in to view some things like the VPN usage and connectivity and I'm sure the last time I looked when I had three tunnels that are local it showed solid green for all of them but I added a 4th and check over some days and some red was showing I through what was the cause was incorrect local/remote ID but no was not that. I then disabled the 4th tunnel and still there was a drop and all at the same time for the three tunnels.
So now I have enabled the 4th and added a 5th to do a ping to see if the ping drop or does not drop when Nebula show red as a drop.
The link from/to FLEX700H and Zyxell 110 gone through three switches and I have checked port up and down logs all showed clear.
All Replies
-
Caught it in the ack!
So this looks to be a Nebula problem because my ping test was running fine down test tunnel all other tunnels were fine but Nebula says they are all disconnected when not.
There might be two random problems at play because the above show disconnected so you would that think that would show in connectivity but not this time? maybe the next time it happens it will show?
0 -
Hi @PeterUK
The discrepancy you're seeing (where your ping test is successful but the Nebula dashboard shows "disconnected") is due to the fact that the VPN status on the Nebula Control Center (NCC) is not displayed in real-time.
Zyxel Melen0 -
Hmm… its now been 24hr and the connectivity is solid green along with the other tunnels
0 -
Hi @PeterUK
Have you disable/enable the VPN tunnel for last 24 hr? If not, the issue could relate to the VPN status report during disable/enable the VPN tunnel. Could we have a remote replicate for this issue? During the replicate, we will also collect the needed logs to investigate this issue.
Zyxel Melen0 -
No I have not disabled or enable the tunnel for the last 24hr, could someone your end of fixed something?
Zyxel Support Access is enabled on Nebula for Organization _ Site USG FLEX 700H
0 -
This is because the disconnect period has passed over the last 24 hours. For the past 24 hours, there's been no disconnect issue; the VPN status displays all green.
Therefore, I assume this issue could relate to the VPN status report during/after disabling/enabling the VPN tunnel. Please let us know if you allow us to have a remote replication, thanks.
Zyxel Melen0 -
Ok sure you can remote replication the issue if needed.
Thanks
0 -
Hi @PeterUK
We noticed that there has some error logs related with netconf, the protocol for Zyxel devices communicate with Nebula, which could cause some device's data can't be sent to Nebula server. To fix it, could you help to reboot the firewall? We will access to check further after rebooting.
Zyxel Melen0 -
Ok its been rebooted
0
Zyxel Employee
Categories
- All Categories
- 439 Beta Program
- 2.8K Nebula
- 206 Nebula Ideas
- 127 Nebula Status and Incidents
- 6.4K Security
- 522 USG FLEX H Series
- 330 Security Ideas
- 1.7K Switch
- 84 Switch Ideas
- 1.3K Wireless
- 49 Wireless Ideas
- 6.9K Consumer Product
- 290 Service & License
- 462 News and Release
- 90 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.5K FAQ
- 34 Documents
- 86 About Community
- 98 Security Highlight
